#!/bin/sh

# Based on apt-key from apt-0.6.25
# Licensed under GPL Version 2

set -e

usage() {
    echo "Usage: opkg-key [options] command [arguments]"
    echo
    echo "Manage opkg's list of trusted keys"
    echo
    echo "  opkg-key add <file>          - add the key contained in <file> ('-' for stdin)"
    echo "  opkg-key del <keyid>         - remove the key <keyid>"
    echo "  opkg-key list                - list keys"
    echo
    echo "Options:"
    echo "  -o <root>  Use <root> as the offline root directory"
    echo
}

if [ "$1" = "-o" ]; then
  ROOT=$2
  shift 2
  echo "Note: using \"$ROOT\" as root path"
else
  ROOT=""
fi

command="$1"
if [ -z "$command" ]; then
    usage
    exit 1
fi
shift

if [ "$command" != "help" ] && ! which gpg >/dev/null 2>&1; then
    echo >&2 "Warning: gnupg does not seem to be installed."
    echo >&2 "Warning: opkg-key requires gnupg for most operations."
    echo >&2
fi

# We don't use a secret keyring, of course, but gpg panics and
# implodes if there isn't one available

GPG="gpg --no-options --no-default-keyring --keyring $ROOT/etc/opkg/trusted.gpg --secret-keyring $ROOT/etc/opkg/secring.gpg --trustdb-name $ROOT/etc/opkg/trustdb.gpg"

case "$command" in
    add)
        $GPG --quiet --batch --import "$1"
        echo "OK"
        ;;
    del|rm|remove)
        $GPG --quiet --batch --delete-key --yes "$1"
        echo "OK"
        ;;
    list)
        $GPG --batch --list-keys
        ;;
    finger*)
        $GPG --batch --fingerprint
        ;;
    adv*)
        echo "Executing: $GPG $*"
        $GPG $*
        ;;
    help)
        usage
        ;;
    *)
        usage
        exit 1
        ;;
esac
